GROWI vulnerable to path traversal JVNRSS Feed - Update Entry By: jvn@jvn.jp 11 May 2026 at 08:00 GROWI provided by GROWI, Inc. contains a path traversal vulnerability.
Canon Production Printers and Office Multifunction Printers vulnerable to information disclosure JVNRSS Feed - Update Entry By: jvn@jvn.jp 11 May 2026 at 06:00 Canon Production Printers and Office Multifunction Printers contain an information disclosure vulnerability.
"Kura Sushi Official App" vulnerable to improper certificate validation JVNRSS Feed - Update Entry By: jvn@jvn.jp 11 May 2026 at 05:00 "Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation.
libXpm vulnerable to out-of-bounds read JVNRSS Feed - Update Entry By: jvn@jvn.jp 11 May 2026 at 05:00 libXpm provided by X.Org Foundation contains an out-of-bounds read vulnerability.
Lhaz and Lhaz+ vulnerable to path traversal JVNRSS Feed - Update Entry By: jvn@jvn.jp 11 May 2026 at 05:00 Lhaz and Lhaz+ provided by Chitora soft contain a path traversal vulnerability.
Open redirect vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor JVNRSS Feed - Update Entry By: jvn@jvn.jp 30 April 2026 at 07:00 Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain an open redirect vulnerability.
Apache ActiveMQ series improper validation of MQTT packets [AMQ-9810] JVNRSS Feed - Update Entry By: jvn@jvn.jp 24 April 2026 at 05:00 Apache ActiveMQ series provided by The Apache Software Foundation does not properly validate MQTT packets.
GROWI vulnerable to Regular expression Denial-of-Service (ReDoS) JVNRSS Feed - Update Entry By: jvn@jvn.jp 23 April 2026 at 11:15 GROWI provided by GROWI, Inc. contains a Regular expression Denial-of-Service (DoS) vulnerability.
Multiple vulnerabilities in LogonTracer JVNRSS Feed - Update Entry By: jvn@jvn.jp 23 April 2026 at 07:00 LogonTracer provided by Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) contains multiple vulnerabilities.
IP Setting Software may insecurely load Dynamic Link Libraries JVNRSS Feed - Update Entry By: jvn@jvn.jp 23 April 2026 at 05:00 IP Setting Software provided by i-PRO Co., Ltd. may insecurely load Dynamic Link Libraries.
CMS ALAYA vulnerable to SQL injection JVNRSS Feed - Update Entry By: jvn@jvn.jp 23 April 2026 at 05:00 CMS ALAYA provided by KANATA Limited contains an SQL injection vulnerability.
Ziostation2 vulnerable to path traversal JVNRSS Feed - Update Entry By: jvn@jvn.jp 22 April 2026 at 07:00 Ziostation2 provided by Ziosoft, Inc. contains a path traversal vulnerability.
Installers of LiveOn Meet Client for Windows and its plugin may insecurely load Dynamic Link Libraries JVNRSS Feed - Update Entry By: jvn@jvn.jp 22 April 2026 at 07:00 The installer of LiveOn Meet Client for Windows and the installer of Canon Network Camera Plugin provided by Japan Media Systems Corporation may insecurely load Dynamic Link Libraries.
DeepL Chrome browser extension vulnerable to cross-site scripting JVNRSS Feed - Update Entry By: jvn@jvn.jp 22 April 2026 at 05:00 DeepL Chrome browser extension contains a cross-site scripting vulnerability.
Multiple vulnerabilities in silex technology SD-330AC and AMC Manager JVNRSS Feed - Update Entry By: jvn@jvn.jp 22 April 2026 at 02:15 SD-330AC and AMC Manager provided by silex technology, Inc. contain multiple vulnerabilities.
SKYSEA Client View and SKYMEC IT Manager improper file access permission settings JVNRSS Feed - Update Entry By: jvn@jvn.jp 20 April 2026 at 07:00 SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configures the installation folder with improper file access permission settings.
Multiple vulnerabilities in CubeCart JVNRSS Feed - Update Entry By: jvn@jvn.jp 17 April 2026 at 05:00 CubeCart provided by CubeCart Limited contains multiple vulnerabilities.
Arcserve UDP Console vulnerable to redirect to a dummy URL JVNRSS Feed - Update Entry By: jvn@jvn.jp 16 April 2026 at 05:00 Offline activation traffic of UDP Console provided by Arcserve may be redirected to a dummy URL.
OMRON UPS (Uninterruptible Power Supply) management application may insecurely load Dynamic Link Libraries JVNRSS Feed - Update Entry By: jvn@jvn.jp 16 April 2026 at 04:00 The UPS (Uninterruptible Power Supply) management application provided by OMRON Corporation may insecurely load Dynamic Link Libraries.
GROWI vulnerable to stored cross-site scripting JVNRSS Feed - Update Entry By: jvn@jvn.jp 15 April 2026 at 05:00 GROWI provided by GROWI, Inc. contains a stored cross-site scripting vulnerability.